Podatność CVE-2018-11235

Podatność CVE-2018-11235

Publikacja: 2018-05-30

Opis:

	Tytuł	Autor	Data
High	Git < 2.17.1 Remote Code Execution	JameelNabbo	01.06.2018
High	Sourcetree Remote Code Execution	Etienne Stalmans	25.07.2018

Typ:

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
6.8/10	6.4/10	8.6/10

Affected software
Redhat -> Enterprise linux
Redhat -> Enterprise linux desktop
Redhat -> Enterprise linux server
Redhat -> Enterprise linux server eus
Redhat -> Enterprise linux workstation
Gitforwindows -> GIT
Git-scm -> GIT
Debian -> Debian linux
Canonical -> Ubuntu linux

http://www.securityfocus.com/bid/104345

http://www.securitytracker.com/id/1040991

https://access.redhat.com/errata/RHSA-2018:1957

https://access.redhat.com/errata/RHSA-2018:2147

https://blogs.msdn.microsoft.com/devops/2018/05/29/announcing-the-may-2018-git-security-vulnerability/

https://marc.info/?l=git&m=152761328506724&w=2

https://security.gentoo.org/glsa/201805-13

https://usn.ubuntu.com/3671-1/

https://www.debian.org/security/2018/dsa-4212

https://www.exploit-db.com/exploits/44822/